Professional Documents
Culture Documents
1. Introduction
The European Commission is committed to protect your personal data and to respect your
privacy. The Commission collects and further processes personal data pursuant to Regulation
(EU) 2018/1725 of the European Parliament and of the Council on the protection of natural
persons with regard to the processing of personal data by the Union institutions, bodies, offices
and agencies and on the free movement of such data.
This privacy statement explains the reason for the processing of your personal data in the
context of the AMR One Health Network meetings. It explains the way we collect, handle and
ensure protection of all personal data provided, how that information is used and what rights
you have in relation to your personal data. It also specifies the contact details of the responsible
Data Controller with whom you may exercise your rights, the Data Protection Officer and the
European Data Protection Supervisor.
The information in relation to processing operation of the AMR One Health Network meetings,
undertaken by DG SANTE, Unit G.4 of the European Commission, is presented below.
Purpose of the processing operation: DG SANTE, Unit G.4 collects and further processes your
personal data to provide you with information about the meeting (before, during and after) and
to process your application for participation in that meeting.
The processing operations on personal data, linked to the organisation, management, follow-up
and promotion of the meeting are necessary for the management and functioning of the
Commission, as mandated by the Treaties. Those provisions are in particular, Article 11 of the
Treaty on European Union and Articles 15, 114, 168 and 169 of the Treaty on the Functioning of
the European Union. Consequently, those processing operations are lawful under Article 5(1)(a)
of Regulation (EU) 2018/1725 (processing is necessary for the performance of a task carried out
Your consent is required for the sharing of the eventual documents that you presented under
your name during the meeting.
4. Which personal data do we collect and further process?
contact details (function/title, first name, last name, name of organisation, city, country,
e-mail address, telephone number);
nationality, passport or identity card number and its date of issue and expiry date may
be collected, so that the data subjects may obtain access to the premises where the
meeting/event is held;
The Data Controller only keeps your personal data for the time necessary to fulfil the purpose of
collection or further processing.
For each of the categories of personal data that is processed, please find below the retention
details and the reference to the relevant record of processing:
All personal data related to the organisation and management of the meeting (this
includes the information given during the registration, before, during or after the event)
will be deleted one year after the last action in relation to the AMR One Health Network
meeting;
Presentations given during the meeting will be deleted five years after the meeting;
Personal data shared with the Directorate-General for Human Resources and Security of
the European Commission for the participants to gain access to Commission buildings is
kept for six months after the termination of the link between the data subject and the
Commission. More information is available in the Record of Processing DPR-EC-00655
(Commission Physical Access Control System (PACS)).
All personal data in electronic format (e-mails, documents, databases, uploaded batches of
data, etc.) are stored on the servers of the European Commission. All processing operations are
carried out pursuant to Commission Decision (EU, Euratom) 2017/46 of 10 January 2017 on the
security of communication and information systems in the European Commission.
In order to protect your personal data, the Commission has put in place a number of technical
and organisational measures. Technical measures include appropriate actions to address online
security, risk of data loss, alteration of data or unauthorised access, taking into consideration
the risk presented by the processing and the nature of the personal data being processed.
Organisational measures include restricting access to the personal data solely to authorised
persons with a legitimate need to know for the purposes of this processing operation.
2
Access to your personal data is provided to the Commission staff responsible for carrying out
this processing operation and to other authorised Commission staff according to the “need to
know” principle. Such staff abide by statutory, and when required, additional confidentiality
agreements.
The presentations given during the meeting will be published on a dedicated web page on
Europa website.
8. What are your rights and how can you exercise them?
You have specific rights as a ‘data subject’ under Chapter III (Articles 14-25) of Regulation (EU)
2018/1725, in particular the right to access, your personal data and to rectify them in case your
personal data are inaccurate or incomplete. Where applicable, you have the right to erase your
personal data, to restrict the processing of your personal data, to object to the processing, and
the right to data portability.
You have the right to object to the processing of your personal data, which is lawfully carried
out pursuant to Article 5(1)(a) of Regulation (EU) 2018/1725 on grounds relating to your
particular situation.
You might have consented to publish your first and last name, affiliation and country of origin in
connection with publication of your presentation. You can withdraw your consent at any time
by notifying the data controller SANTE-CONSULT-G4@EC.EUROPA.EU. The withdrawal of your
consent will not affect the lawfulness of the processing carried out before you have withdrawn
the consent.
You can exercise your rights by contacting the data controller, or in case of conflict the Data
Protection Officer. If necessary, you can also address the European Data Protection Supervisor.
Their contact information is given under Heading 9 below.
Where you wish to exercise your rights in the context of one or several specific processing
operations, please provide their description.
9. Contact information
If you would like to exercise your rights under Regulation (EU) 2018/1725, or if you have
comments, questions or concerns, or if you would like to submit a complaint regarding the
collection and use of your personal data, please feel free to contact the Data Controller SANTE-
CONSULT-G4@EC.EUROPA.EU.
You have the right to have recourse (i.e. you can lodge a complaint) to the European Data
Protection Supervisor (edps@edps.europa.eu) if you consider that your rights under Regulation
3
(EU) 2018/1725 have been infringed as a result of the processing of your personal data by the
data controller.
The Commission Data Protection Officer (DPO) publishes the register of all processing
operations on personal data by the European Commission, which have been documented and
notified to him. You may access the register via the following link: http://ec.europa.eu/dpo-
register.